rnd256
rnd256
Thanks for the thorough details! I'm not particularly concerned about how trivial it is to parse the session cookie, but the `.sig` cookie using a sha1 hash by default seems...
It looks like this would be one way to resolve #181, which may otherwise be a critical security vulnerability.
Does Colyseus expose all `sessionId`s to all clients by default, or is this only an issue if you include `sessionId` in your Schema?
Still needed
I think the methods in the first bullet point I mention should remain public, but agreed on making the other ones private.
@endel it looks like you fixed related bug(s) with these commits: https://github.com/colyseus/colyseus-unity3d/commit/e4bdfe3fc73c04ef149e545050a294f042d6de12 https://github.com/colyseus/colyseus-unity3d/commit/091ba1386c58a237060003d94279e6a7786efc3d FYI this "not being able to remove delegates" issue existed before those commits too, so they're not...
> I'd love to have a way to attach schema callbacks without relying on actual instances being present on the client-side. Attaching schema callbacks on deep structures can be particularly...
> That's exactly what I mean! 👀 Glad you're positive about this! One thing I should mention is that it's still important to be able to create `OnChange` handlers for...
(same goes for `colyseusClient.Reconnect()`)